<?php
require(dirname(__FILE__) .'/check.php');
$skin->CheckIframe();



/* **** 版权所有 ****

 程序开发：网钛科技
 网钛CMS官网：http://otcms.com
 网钛IDC官网：http://idccms.com
 ＱＱ：877873666
 微信：QQ877873666
 邮箱：877873666@qq.com

 **** 版权所有 **** */


//用户检测
$MB->Open('','login',10);
$MB->IsMenuRight('alertBack','用户管理');


switch($mudi){
	case 'add': case 'rev':
		$MB->IsMenuRight('alertBack','用户维护');
		AddOrRev();
		break;

	case 'del':
		$MB->IsMenuRight('alert','用户维护');
		Del();
		break;

	case 'send':
		$MB->IsMenuRight('alert','用户维护');
		SendData();
		break;

	default:
		die('err');
} 

$MB->Close();
$DB->Close();




function AddOrRev(){
	global $DB,$MB;

	$dataID			= OT::PostInt('dataID');
	$username		= OT::PostStr('username');
	$userpwd		= OT::Post('userpwd');
	$realname		= OT::PostStr('realname');
	$groupID		= OT::PostInt('groupID');
	$itemNum		= OT::PostInt('itemNum');
		if ($itemNum <= 0){ $itemNum = 20; }
	$foreUsername	= OT::PostStr('foreUsername');
	$note			= OT::PostStr('note');
	$state			= OT::PostInt('state');
	$isEndTime		= OT::PostInt('isEndTime');
	$endTime		= OT::PostStr('endTime');
		if (! strtotime($endTime)){ $endTime = '2008-08-08 08:08:08'; }

	if($username=='' || $realname==''){
		JS::AlertBackEnd('表单内容接收不全');
	}

	$chkRow = $DB->GetRow('select MB_ID from '. OT_dbPref .'member where MB_username='. $DB->ForStr($username) .' and MB_ID<>'. $dataID);
		if ($chkRow){
			JS::AlertBackEnd('该用户名已存在，请换个！');
		}
	$chkRow = null;

	$record=array();
	$record['MB_username']		= $username;
	$record['MB_realname']		= $realname;
	$record['MB_groupID']		= $groupID;
	$record['MB_itemNum']		= $itemNum;
	$record['MB_foreUsername']	= $foreUsername;
	$record['MB_note']			= $note;
	$record['MB_state']			= $state;
	$record['MB_isEndTime']		= $isEndTime;
	$record['MB_endTime']		= $endTime;

	if ($dataID > 0){
		$alertStr = '修改';
		$groupID = $DB->GetOne('select MB_groupID from '. OT_dbPref .'member where MB_ID>1 and MB_ID='. $dataID);
		$grow = $DB->GetRow('select MG_rightStr from '. OT_dbPref .'memberGroup where MG_ID='. $groupID);
			if ($grow){
				if ($MB->GetRightStr() != 'admin' && strpos($grow['MG_rightStr'],'|用户管理|') !== false){
					JS::AlertEnd('你无权修改该用户！\n可能对方跟你权限同级.');
				}
			}
		unset($grow);

		if (strlen($userpwd)>=6){
			$userKey = OT::RndChar(5);
			$record['MB_userKey']	= $userKey;
			$record['MB_userpwd']	= md5(md5($userpwd) . $userKey);
		}
		$DB->UpdateParam('member', $record, "MB_rightStr<>'admin' and MB_ID=". $dataID);
	}else{
		$alertStr = '添加';
		$userKey = OT::RndChar(5);
		$record['MB_time']		= TimeDate::Get();
		$record['MB_rightStr']	= '|';
		$record['MB_userKey']	= $userKey;
		$record['MB_userpwd']	= md5(md5($userpwd) . $userKey);
		$DB->InsertParam('member', $record);
	}

	JS::AlertHref($alertStr .'用户成功！','member.php?mudi=manage');
}



function Del(){
	global $DB,$MB;

	$dataID = OT::GetInt2( OT::ParaArr('id') );
	$groupID=$DB->GetOne('select MB_groupID from '. OT_dbPref .'member where MB_ID>1 and MB_ID='. $dataID);
	$grow = $DB->GetRow('select MG_rightStr from '. OT_dbPref .'memberGroup where MG_ID='. $groupID);
		if ($grow){
			if ($MB->GetRightStr() != 'admin' && strpos($grow['MG_rightStr'],'|用户管理|') !== false){
				 JS::AlertEnd('你无权删除该用户！\n可能对方跟你权限同级');
			}
		}
	unset($grow);

	$DB->query('delete from '. OT_dbPref .'member where MB_ID>1 and MB_ID='. $dataID);

	JS::ParentHiddenEnd('data'. $dataID);
}

?>